PurifyFL: Non-Interactive Privacy-Preserving Federated Learning Against Poisoning Attacks Based on Single Server

IF 5.3 3区计算机科学 Q1 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

IEEE Transactions on Emerging Topics in Computational Intelligence Pub Date : 2025-03-17 DOI:10.1109/TETCI.2025.3540420

Yanli Ren;Zhe Yang;Guorui Feng;Xinpeng Zhang

{"title":"PurifyFL: Non-Interactive Privacy-Preserving Federated Learning Against Poisoning Attacks Based on Single Server","authors":"Yanli Ren;Zhe Yang;Guorui Feng;Xinpeng Zhang","doi":"10.1109/TETCI.2025.3540420","DOIUrl":null,"url":null,"abstract":"Privacy-preserving federated learning (PPFL) allows multiple users to collaboratively train models on local devices without the the risk of privacy leakage. However, PPFL is prone to be disrupted by poisoning attacks for the server being forbbiden from accessing users' updates. The existing protocols focusing on poisoning attacks in PPFL generally use two servers to interactively execute protocols to defend against poisoning attacks, while the other ones using a single server require multiple rounds of server-user interactions, both of which incur significant communication overheads. We propose PurifyFL, a privacy-preserving poisoning attacks defense strategy. PurifyFL only relies on a single server while most of the previous works depend on two non-colluding servers, which are impractical in reality. Moreover, We also achieve non-interactivity between the users and the server. Experiments show that PurifyFL can effectively resist typical poisoning attacks with lower computational and communication overheads compared to existing works.","PeriodicalId":13135,"journal":{"name":"IEEE Transactions on Emerging Topics in Computational Intelligence","volume":"9 3","pages":"2232-2243"},"PeriodicalIF":5.3000,"publicationDate":"2025-03-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Emerging Topics in Computational Intelligence","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10930645/","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 0

Abstract

Privacy-preserving federated learning (PPFL) allows multiple users to collaboratively train models on local devices without the the risk of privacy leakage. However, PPFL is prone to be disrupted by poisoning attacks for the server being forbbiden from accessing users' updates. The existing protocols focusing on poisoning attacks in PPFL generally use two servers to interactively execute protocols to defend against poisoning attacks, while the other ones using a single server require multiple rounds of server-user interactions, both of which incur significant communication overheads. We propose PurifyFL, a privacy-preserving poisoning attacks defense strategy. PurifyFL only relies on a single server while most of the previous works depend on two non-colluding servers, which are impractical in reality. Moreover, We also achieve non-interactivity between the users and the server. Experiments show that PurifyFL can effectively resist typical poisoning attacks with lower computational and communication overheads compared to existing works.

查看原文本刊更多论文

PurifyFL：针对单服务器中毒攻击的非交互式隐私保护联邦学习

保护隐私的联邦学习（PPFL）允许多个用户在本地设备上协作训练模型，而不会有隐私泄露的风险。但是，PPFL很容易受到中毒攻击的破坏，因为服务器被禁止访问用户的更新。PPFL中针对投毒攻击的现有协议通常使用两个服务器来交互执行协议以防御投毒攻击，而使用单个服务器的其他协议则需要多轮服务器-用户交互，这两种情况都会导致大量的通信开销。我们提出了一种保护隐私的中毒攻击防御策略PurifyFL。PurifyFL只依赖于一个服务器，而之前的大部分工作都依赖于两个不串通的服务器，这在现实中是不切实际的。此外，我们还实现了用户与服务器之间的非交互性。实验表明，PurifyFL可以有效地抵抗典型的中毒攻击，与现有作品相比，计算和通信开销更低。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Emerging Topics in Computational Intelligence Mathematics-Control and Optimization

CiteScore

10.30

自引率

7.50%

发文量

147

期刊介绍： The IEEE Transactions on Emerging Topics in Computational Intelligence (TETCI) publishes original articles on emerging aspects of computational intelligence, including theory, applications, and surveys. TETCI is an electronics only publication. TETCI publishes six issues per year. Authors are encouraged to submit manuscripts in any emerging topic in computational intelligence, especially nature-inspired computing topics not covered by other IEEE Computational Intelligence Society journals. A few such illustrative examples are glial cell networks, computational neuroscience, Brain Computer Interface, ambient intelligence, non-fuzzy computing with words, artificial life, cultural learning, artificial endocrine networks, social reasoning, artificial hormone networks, computational intelligence for the IoT and Smart-X technologies.